I created three DNS forwarders on the Network Services / DNS / DNS Forwarders page. After creating them, they are no longer visible on that page, but they are visible on the Definitions & Users page as hosts. DNS forwarders created on utm 9 remain on the DNS forwarders page.
Yeah that happens when you do not click "Apply" in DNS Forwarders page. [:D]
Regards,
Okay, I see what you mean. When I created the forwarders and saved them, utm saved the hosts, but did not leave them in the list of dns forwarders. I'll grant you it works, but it's kind of awkward. I think it would be preferable if you create a host as a dns forwarder and save it, the host should stay in the list. I can see apply being used if you were dragging a previously created host in from the list of hosts.
However, that leads me to another question about this. My ips dns servers do not support ipv6 and none of the forwarders I created for the purpose of supporting ipv6 were in the list of forwarders. Yet my computers are resolving ipv6 addresses. If the hosts I created to be dns forwarders are not in the list of dns forwarders, my computers should not be able to resolve ipv6 addresses. That makes me wonder if there is some implicit functionality operating invisibly in the background. If so, that is not desirable. If I have no ipv6 capable dns forwarders, my computers should not be able to resolve ipv6 addresses.
Aren't you running a HE tunnel which automatically resolve ipv6 addresses by virtue of a DNS at the other end of tunnel and it comes as part of the tunnel setup?
Aren't you running a HE tunnel which automatically resolve ipv6 addresses by virtue of a DNS at the other end of tunnel and it comes as part of the tunnel setup?
Ian
No, that's not how any tunnel works. First, when you type in a domain name, there is a look-up using the dns. If the address is ipv6, it gets routed through the tunnel. It looks like utm is transparently using hosts as forwarders, even if they are not in the list of forwarders. That's a bug.
What do you mean with "My ips dns servers do not support ipv6"
Normally every DNS Server is responding with A and AAAA record if avaiable, even when it is a ipv4 only DNS Server, this means only it is reachable by ipv4.
When you have no DNS forwarders, UTM will use the root DNS Servers.
Sven
Astaro user since 2001 - Astaro/Sophos Partner since 2008
What do you mean with "My ips dns servers do not support ipv6"
Normally every DNS Server is responding with A and AAAA record if avaiable, even when it is a ipv4 only DNS Server, this means only it is reachable by ipv4.
When you have no DNS forwarders, UTM will use the root DNS Servers.
Sven
For ipv4, utm is set to use the default DNS servers provided by my isp. They do not support AAAA records. (My ips does not support ipv6 at all, which is why I am using a tunnel from HE.) Therefore, I added forwarders to google a, google b and HE. I will try deleting the forwarders and running dnstest to see what it is reporting.
This is a bit off-topic, but if you want to understand why most North American IPSs do not support ipv6, this link may help. Please be forewarned, it's VERY funny, but the language may be offensive to some.
What do you mean with "My ips dns servers do not support ipv6"
Normally every DNS Server is responding with A and AAAA record if avaiable, even when it is a ipv4 only DNS Server, this means only it is reachable by ipv4.
When you have no DNS forwarders, UTM will use the root DNS Servers.
Sven
For ipv4, utm is set to use the default DNS servers provided by my isp. They do not support AAAA records. (My ips does not support ipv6 at all, which is why I am using a tunnel from HE.) Therefore, I added forwarders to google a, google b and HE. I will try deleting the forwarders and running dnstest to see what it is reporting.
This is a bit off-topic, but if you want to understand why most North American IPSs do not support ipv6, this link may help. Please be forewarned, it's VERY funny, but the language may be offensive to some.
